.\" Copyright (C) 2004-2007, 2009  Dmitry V. Levin <ldv@altlinux.org>
.\" 
.\" Documentation for the hasher-priv configuration.
.\"
.\" SPDX-License-Identifier: GPL-2.0-or-later
.\" 
.TH "HASHER-PRIV configuration" "5" "January 2005" "hasher-priv version @VERSION@" "ALT Linux"
.SH NAME
/etc/hasher\-priv/ \- configuration for the hasher\-priv program
.SH DESCRIPTION
/etc/hasher\-priv/ is used to control various aspects of
.BR hasher\-priv (8)
behaviour.
.PP
.BR hasher\-priv (8)
first loads systemwide config file
.IR /etc/hasher\-priv/system ,
then it loads per-user config file
\fI/etc/hasher\-priv/user.d/\fBUSER\fR,
and finally, if subconfig identifier
.B NUMBER
is specified, it loads per-user per-number subconfig file
\fI/etc/hasher\-priv/user.d/\fBUSER\fI:\fBNUMBER\fR.
.SH FORMAT
The format of each config file is very simple.  Each line is either
a comment or a directive.  Comment lines start with a # character and
are ignored.  A directive line has the format:

option=value

It is not an error to put any space between the
option, = and value.  Both option and its value are case-insensitive.

Each setting has a compiled in default which may be modified in the
configuration file.
.SH NUMERIC OPTIONS
Below is a list of numeric options.  A numeric option must be set to a
non negative integer.

.TP
.B umask
The value (octal number) that the umask for child process is set.

Default: 022
.TP
.B nice
Add specified value to the nice value for child process.  This value
should not exceed OS limitation (19).

Default: 8
.TP
.BR rlimit_hard_cpu ", " rlimit_soft_cpu
Per-process CPU limit, in seconds.

Default: (none)
.TP
.BR rlimit_hard_fsize ", " rlimit_soft_fsize
Largest file that can be created, in bytes.

Default: (none)
.TP
.BR rlimit_hard_data ", " rlimit_soft_data
Maximum size of data segment, in bytes.

Default: (none)
.TP
.BR rlimit_hard_stack ", " rlimit_soft_stack
Maximum size of stack segment, in bytes.

Default: (none)
.TP
.BR rlimit_hard_core ", " rlimit_soft_core
Largest core file that can be created, in bytes.

Default: (none)
.TP
.BR rlimit_hard_rss ", " rlimit_soft_rss
Largest resident set size, in bytes.

Default: (none)
.TP
.BR rlimit_hard_nproc ", " rlimit_soft_nproc
Number of processes.

Default: (none)
.TP
.BR rlimit_hard_nofile ", " rlimit_soft_nofile
Number of open files.

Default: (none)
.TP
.BR rlimit_hard_memlock ", " rlimit_soft_memlock
Locked-in-memory address space.

Default: (none)
.TP
.BR rlimit_hard_as ", " rlimit_soft_as
Address space limit.

Default: (none)
.TP
.BR rlimit_hard_locks ", " rlimit_soft_locks
Maximum number of file locks.

Default: (none)
.TP
.B wlimit_time_elapsed
This option limits total execution time, in seconds.

Default: (none)
.TP
.B wlimit_time_idle
This option specifies idle time limit, in seconds.
Idle time is a period when child process produces no output.

Default: (none)
.TP
.B wlimit_bytes_written
This option limits amount of output generated by child process, in bytes.

Default: (none)
.SH STRING OPTIONS
Below is a list of string options.

.TP
.B user1
This option specifies name of the first pseudouser.

Default: (none)
.TP
.B user2
This option specifies name of the second pseudouser.

Default: (none)
.TP
.B prefix
This option specifies colon-separated list of prefixes allowed for build chroot.
It affects all
.BR hasher\-priv (8)
modes which accept chroot parameter.

Hardcoded default: (none)
.br
System default: ~:/tmp/.private
.TP
.B allowed_devices
This option specifies a comma-separated list of devices which are allowed
to be specified to \*(lq\fBhasher\-priv\fR chrootuid1\*(rq and
\*(lq\fBhasher\-priv\fR chrootuid2\*(rq commands using
.B requested_mountpoints
environment variable.

Default: (none)
.TP
.B allowed_mountpoints
This option specifies a comma-separated list of mount points which are allowed
to be specified to \*(lq\fBhasher\-priv\fR chrootuid1\*(rq and
\*(lq\fBhasher\-priv\fR chrootuid2\*(rq commands using
.B requested_mountpoints
environment variable.

Default: (none)
.SH FILES
.TP
.I /etc/hasher\-priv/system
systemwide config file
.TP
\fI/etc/hasher\-priv/user.d/\fBUSER\fR
per-user config files
.TP
\fI/etc/hasher\-priv/user.d/\fBUSER\fI:\fBNUMBER\fR
per-user per-number subconfig files
.SH AUTHOR
Written by Dmitry V. Levin <ldv@altlinux.org>
.SH "REPORTING BUGS"
Report bugs to http://bugs.altlinux.ru/
.SH COPYRIGHT
Copyright \(co 2003-2019  Dmitry V. Levin <ldv@altlinux.org>
.br
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
.BR hsh (1),
.BR hasher (7),
.BR hasher\-priv (8).
